<?php
require_once('../phplib/include.inc.php');

class DoModifyUser{
	private $db;
	public function DoModify(){
		Util::ValidateRight(1);
		$this->db = getDb();
		$this->db->connect();
		$this->ParseRequest();
		$uid = $this->ModifyUser();
		$this->ModifyRight($uid);
		Util::AddLog("修改用户id为 $uid 的用户");
		PageBase::Go('../home/useradmin.php');
	}
	public function ParseRequest(){
		$R = $_REQUEST;
		if(strlen($R['uname']) == 0) PageBase::Error('请先填写用户名.');
		if(strlen($R['job']) == 0) PageBase::Error('请正确填写职位');
		$db = getDb();
		$db->connect();
		$re = $db->fetch("SELECT * FROM user_t WHERE uname={0} AND uid<>{1}",array($R['uname'],$R['uid']));
		if(count($re) > 0) PageBase::Error('该用户已经存在，请另选一个.');
		
	}
	public function ModifyUser(){
		$R = $_REQUEST;		
		$this->db->startTrans();
		$re = false;
		if(strlen($R['pwd']) != 0){
			$sql = "UPDATE user_t SET uname={0},job={1},pwd={2} WHERE uid={3}";
			$re = $this->db->execute($sql,array($R['uname'],$R['job'],md5($R['pwd']),$R['uid']));
		}else{
			$sql = "UPDATE user_t SET uname={0},job={1} WHERE uid={2}";
			$re = $this->db->execute($sql,array($R['uname'],$R['job'],$R['uid']));
		}
		if($re === false){
			$this->db->rollbackTrans();
			PageBase::Error('修改用户信息的过程中出错了，未知错误，请与技术人员联系');
		}
		return intval($R['uid']);
	}
	public function ModifyRight($uid){
		$R = $_REQUEST;
		if(intval($this->db->fetchScalar("SELECT count(*) FROM right_t WHERE rid=1")) == 1 && !isset($R['useradmin'])){
			if(intval($this->db->fetchScalar("SELECT count(*) FROM right_t WHERE rid=1 AND uid=".$uid)) == 1)
				PageBase::Error('修改用户权限的过程中出错了:系统至少要有一个用户拥有修改用户的权限.');
		}
		$re = $this->db->execute("DELETE FROM right_t WHERE uid=".$uid);
		if($re === false){
			$this->db->rollbackTrans();
			PageBase::Error('修改用户权限的过程中出错了，未知错误，请与技术人员联系');
		}		
		$sql = "INSERT INTO right_t(rid,uid) VALUES ";
		$products = $this->db->fetch("SELECT * FROM product_t");
		if(isset($R['useradmin'])) $sql .= "(1,$uid),";
		if(isset($R['addproduct'])) $sql .= "(2,$uid),";
		if(isset($R['addtype'])) $sql .= "(3,$uid),";
		if(isset($R['modifytype'])) $sql .= "(4,$uid),";
		if(isset($R['deletetype'])) $sql .= "(5,$uid),";
		for($i=0;$i<count($products);$i++){
			$pid = $products[$i]['pid'];
			if(isset($R['viewproduct'.$pid])) $sql .= "(".(intval($pid)*10 + 0).",$uid),";
			if(isset($R['modifyproduct'.$pid])) $sql .= "(".(intval($pid)*10 + 1).",$uid),";
			if(isset($R['deleteproduct'.$pid])) $sql .= "(".(intval($pid)*10 + 2).",$uid),";
		}
		if(substr($sql,strlen($sql) - 1) != ","){
			$this->db->rollbackTrans();
			PageBase::Error('请给该用户分配权限.');
		}
		$sql = substr($sql,0,strlen($sql)-1);
		$sql .= ';';
		$re = $this->db->execute($sql);
		if(intval($re) < 1){
			$this->db->rollbackTrans();
			PageBase::Error('添加用户权限过程中出错了，未知错误，请与技术人员联系');
		}
		$this->db->commitTrans();
		return $this->db->insertId();
	}
}
$domodifyuser = new DoModifyUser();
$domodifyuser->DoModify();
?>